<?php

/**
 *      [Discuz!] (C)2001-2099 Comsenz Inc.
 *      This is NOT a freeware, use is subject to license terms
 *
 *      $Id: sample_index.php 33234 2016-01-20 11:39:46Z mpage $
 */

if(!defined('IN_DISCUZ')) {
	exit('Access Denied');
}

$_G['uid'] = intval($_POST['uid']);

if((empty($_G['uid']) && $_GET['operation'] != 'upload') || $_POST['hash'] != md5(substr(md5($_G['config']['security']['authkey']), 8).$_G['uid'])) {
	exit();
} else {
	if($_G['uid']) {
		$_G['member'] = getuserbyuid($_G['uid']);
	}
	$_G['groupid'] = $_G['member']['groupid'];
	loadcache('usergroup_'.$_G['member']['groupid']);
	$_G['group'] = $_G['cache']['usergroup_'.$_G['member']['groupid']];
}

if($_GET['operation'] == 'upload') {

	if(empty($_GET['simple'])) {
		$_FILES['Filedata']['name'] = diconv(urldecode($_FILES['Filedata']['name']), 'UTF-8');
		$_FILES['Filedata']['type'] = $_GET['filetype'];
	}
	$forumattachextensions = '';
	$fid = intval($_GET['fid']);
	if($fid) {
		$forum = $fid != $_G['fid'] ? C::t('forum_forum')->fetch_info_by_fid($fid) : $_G['forum'];
		if($forum['status'] == 3 && $forum['level']) {
			$levelinfo = C::t('forum_grouplevel')->fetch($forum['level']);
			if($postpolicy = $levelinfo['postpolicy']) {
				$postpolicy = dunserialize($postpolicy);
				$forumattachextensions = $postpolicy['attachextensions'];
			}
		} else {
			$forumattachextensions = $forum['attachextensions'];
		}
		if($forumattachextensions) {
			$_G['group']['attachextensions'] = $forumattachextensions;
		}
	}
	$upload = new forum_upload();

} else {

	$showerror = true;
	if($_FILES["Filedata"]['error']) {
		$file = lang('spacecp', 'file_is_too_big');
	} else {
		$_FILES["Filedata"]['name'] = addslashes(diconv(urldecode($_FILES["Filedata"]['name']), 'UTF-8'));
		$name = explode('.', $_FILES["Filedata"]['name']);
		$name = str_replace('.'.$name[count($title) -1], '', $_FILES["Filedata"]['name']);
		$file = swfupload($_FILES["Filedata"], 'portal', 120, 120);
		$pic_id = C::t('#dzapp_base#dzapp_base_attachment')->insert(array(
			'uid' => $_G['uid'],
			'username' => $_G['username'],
			'shop_id' => $_GET['shop_id'],
			'type' => 2,
			'idtype' => $_GET['type'],
			'filename' => $name,
			'filetype' => $file['extension'],
			'filesize' => $file['size'],
			'attachment' => $file['pic'],
			'thumb' => 1,
			'field' => $_GET['field'],
			'dateline' => $_G['timestamp'],
			'ip' => $_G['clientip'],
		), true);
		if(!empty($file) && is_array($file)) {
			$url = dzapp_pic_get($file['pic'], 'portal', $file['thumb'], $file['remote']);
			$bigimg = dzapp_pic_get($file['pic'], 'portal', 0, $file['remote']);
			$title = diconv($title, CHARSET, 'utf-8');
			echo "{\"picid\":\"$pic_id\", \"title\":\"$name\", \"url\":\"$url\", \"bigimg\":\"$bigimg\", \"field\":\"$_GET[field]\", \"cover\":\"$_GET[cover]\", \"attachment\":\"$file[pic]\"}";
			$showerror = false;
		}
	}
	if($showerror) {
		echo "{\"picid\":\"0\", \"url\":\"0\", \"bigimg\":\"0\"}";
	}
}

function swfupload($FILES, $type='album', $thumb_width=0, $thumb_height=0, $thumb_type=2) {
	global $_G, $var;

	$upload = new discuz_upload();
	$result = array('pic'=>'', 'thumb'=>0, 'remote'=>0, 'name' => '', 'extension' => '', 'size' => 0);

	$upload->init($FILES, $type);
	if($upload->error()) {
		return array();
	}

	$upload->save();
	if($upload->error()) {
		return array();
	}

	$result['pic'] = $upload->attach['attachment'];
	$result['name'] = $upload->attach['name'];
	$result['extension'] = $upload->attach['extension'];
	$result['size'] = $upload->attach['size'];

	if($thumb_width && $thumb_height) {
		require_once libfile('class/image');
		$image = new image();
		if($image->Thumb($upload->attach['target'], '', $thumb_width, $thumb_height, $thumb_type)) {
			$result['thumb'] = 1;
		}
		if(empty($_G['setting']['portalarticleimgthumbclosed']) && $var['watermark']) {
			$image->Watermark($upload->attach['target'], '', 'portal');
			$image->Watermark($upload->attach['target'].'.thumb.jpg', '', 'portal');
		}
	}

	if(getglobal('setting/ftp/on')) {
		if(ftpcmd('upload', $type.'/'.$upload->attach['attachment'])) {
			if($result['thumb']) {
				ftpcmd('upload', $type.'/'.getimgthumbname($upload->attach['attachment']));
			}
			ftpcmd('close');
			$result['remote'] = 1;
		} else {
			if(getglobal('setting/ftp/mirror')) {
				@unlink($upload->attach['target']);
				@unlink(getimgthumbname($upload->attach['target']));
				return array();
			}
		}
	}

	return $result;
}

?>